and learning all the essential areas it describes until i get to the following line from the networking part..

"You will need a firm grasp on subnetting. The differences between a Class A, B and C network, and no a Class C is not a slash twenty four (/24). If that came as a surprise to you, then you seriously need to go back and read. "

This has confused me a LOT, from my previous University studies I was lead to believe that a Class C subnet IS slash 24 (/24) as it has 24 of the possible 32 bits active (255.255.255.0) and pretty much everything i've researched has backed that up.. have I missed something obvious here??

You can take a Class A/B network and subnet it down further to smaller networks. for instance 10.0.0.0/24, the octets fall into a Class A network but the CIDR notation makes it look as if it is a Class C. It may contain the same number IPs but it is part of a much larger network.

3xban wrote:You can take a Class A/B network and subnet it down further to smaller networks. for instance 10.0.0.0/24, the octets fall into a Class A network but the CIDR notation makes it look as if it is a Class C.

What he said

This is the only way I can see the comments making sense is if it was served as a warning as opposed to a fact.

Exactly what point do I need to be at before I should be comfortable taking it on with the course materials and research supplementing?

I studied Computing in Uni (Forensics unfortunately, wishing I went down the security route to begin with) so my knowledge of computing is pretty high, most of the stuff we did was with Windows but from a personal geekage point of view I understand Backtrack Linux pretty well now.

I understand networking and the layouts, the OSI model, TCP/IP, Subnetting (thanks to the help you guys left me). I learnt Vivek's Metasploit Megaprimer about a thousand times and read the pentesting with Metasploit book, so i'm pretty comfortable with msf now too.

Is an exploit friendly language the next step or is there somewhere I could better spend my time such as specific exploits, SSH tunneling, SQL injections?

Any help you can give is always greatly appreciated.

(p.s. If you think this question is better off moved to the OSCP specific section I understand)

I was trying to look for the thread were someone put together a very simple list of things you should know before hitting the test but I couldn't find it. But luckily I jotted it down for my own reference:

Learn Python Scripting (diveintopython.org) - I have also been using learnpythonthehardware.org

BASH Scripting

Know what assembly language looks like (book - Hacking: the art of exploitation by John Erickson)